[OTDev] A&A clarifications
Andreas Maunz andreas at maunz.de
Mon Mar 7 17:55:02 CET 2011
Hi Surajit,

surajit ray wrote on 03/07/2011 05:06 PM:
> Hi Andreas,All,
>
> Was trying to work through the doc file given as documentation on the
> website at
>
> http://opentox.org/data/documents/partner/wp/3/deliverables/Draft%20Report%20WP3-D3.3
>
> I had a few queries regarding the content.
>
> 1) To quote an example from the doc file
>
>
> ------------------------------------------------------------------------------------
> # Listing all my policies...
> # =======================
> curl -i -X GET http://opensso.in-silico.ch/Pol/opensso-pol -H
> "subjectid: AQIC5wM2LY4SfcxrnpcZCmbfdsKTyxG9E66uu5FVhefps7I%3D%40AAJTSQACMDE%3D%23"
> HTTP/1.1 200 OK
> Content-Type: text/plain
> There were not matching policies under realm, /.
> ------------------------------------------------------------------------------------
>
>
> here the token is url encoded while in reality (on the server at
> http://opensso.in-silico.ch/Pol/opensso-pol) the accepted form is without urlencoding the token.

Please keep in mind that the deliverable may be superseded by later
versions of the software. Here is the relevant documentation:
http://www.opentox.org/dev/apis/api-1.2/AA#section-2

> and the result from the non-urlencoded token submission is following
>
>
> ------------------------------------------------------------------------------------
> maxtox at maxtox-desktop:~$ curl -i -X GET
> http://opensso.in-silico.ch/Pol/opensso-pol -H
> "subjectid:AQIC5wM2LY4SfcwYjtLJPwt6fs8ca1Owk5XWByXX3Wn+bX4=@AAJTSQACMDE=#"
> HTTP/1.0 200 OK
> Server: nginx/0.6.32
> Date: Mon, 07 Mar 2011 15:36:58 GMT
> Content-Type: text/plain
> Proxy-Connection: keep-alive
> Content-Length: 1
> ------------------------------------------------------------------------------------
>
> as you can see I could not get the expected : "There were not
> matching policies under realm, /."

I will investigate why this is missing. Please work around that in the
meantime.

> 2) When I do an authentication like the following I get the result as a
> token.id like so
>
>
> ------------------------------------------------------------------------------------
> maxtox at maxtox-desktop:~$ curl -i -d "username=surajitray" -d
> "password=w3lc0m3"
> http://opensso.in-silico.ch/opensso/identity/authenticate
> HTTP/1.0 200 OK
> Server: nginx/0.6.32
> Date: Mon, 07 Mar 2011 15:31:26 GMT
> Content-Type: text/plain;charset=UTF-8
> Proxy-Connection: keep-alive
> Content-Length: 72
>
> token.id=AQIC5wM2LY4Sfcy24eQG5V7J8Lth75vK3Tdr94/rrc/nBJs=@AAJTSQACMDE=#
> ------------------------------------------------------------------------------------
>
>
> Have I been correct to assume that this token.id is to be used as
> subjectid in the previous step ?

Yes.

> If my assumption was correct then could you please remove this
> apparent inconsistency by changing both the variables to the same name
> (either token.id or subjectid) ?

No, since all other OT members use it - therefore this would break
everything. I am passing the original SSO output here. I could change
it, but we would have to agree on that collectively.

> Also in the documentation on the website
> (http://opentox.org/dev/apis/api-1.2/AA) the following is mentioned
>
>
> ------------------------------------------------------------------------------------
>
> Authentication
>
> POST on /auth/authenticate
>
> username
> password
> uri
>
> 200 + token (Valid)
> 401 (Invalid)
>
> Token validation
>
> POST on /auth/isTokenValid
>
> tokenid
>
> 200 + Boolean
>
> Logout
>
> POST on /auth/logout
>
> subjectid
>
> 200 + void
>
> ------------------------------------------------------------------------------------
>
>
>
> As you can see there's a mix of token and tokenid. So we have four
> representations of the same thing token.id , token , tokenid,
> subjectid ?

You are right, but the services you mentioned are the original OpenSSO
services, which is why I can not simply change them.
The names are inconsistent (I know).

Best regards
Andreas
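
The token handling discussed in this message, as an added example that is not part of the original mail or of the OpenTox/OpenSSO code: it parses a `token.id=` response body and converts between the raw and URL-encoded `subjectid` forms without double-encoding. The sample body is constructed, the function names are hypothetical, and the rule that a raw token never contains `%` is an assumption based on the tokens quoted above.

```python
from urllib.parse import quote, unquote

# Constructed response body in the shape shown in the message (not a real token).
SAMPLE_BODY = "token.id=AQIC5wM2EXAMPLEabc+def/ghi=@AAJTSQACMDE=#\n"


def parse_token(body):
    """Return the raw token from a 'token.id=<token>' response body."""
    for line in body.splitlines():
        # Split on the first '=' only: the token itself contains '='.
        key, sep, value = line.partition("=")
        if sep and key.strip() == "token.id" and value.strip():
            return value.strip()
    raise ValueError("no token.id line in response body")


def to_raw(token):
    """Undo URL-encoding if present (assumption: raw tokens never contain '%')."""
    # unquote, not unquote_plus: a literal '+' in the token must stay a '+'.
    return unquote(token) if "%" in token else token


def to_encoded(token):
    """Percent-encode every reserved character; safe on already-encoded input."""
    return quote(to_raw(token), safe="")


def subjectid_header(token, encoded=False):
    """Build the subjectid header in the form a given service expects."""
    return {"subjectid": to_encoded(token) if encoded else to_raw(token)}


if __name__ == "__main__":
    tok = parse_token(SAMPLE_BODY)
    print(subjectid_header(tok))                # raw form
    print(subjectid_header(tok, encoded=True))  # URL-encoded form
```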